Incident Response

Incident Response

Organization Description/Domain
Mercy Memorial Hospital (MMH) is medical center and hospital facility providing services for adults and children. MMH employs a staff of about 450 people, including medical, financial, security, maintenance, IT, and executive staffs.

User Domain
1. General Operations Staff
a. Medical Specialists (e.g. Nurses, Doctors)
b. Finance Specialists (e.g. Accountants)
c. Maintenance (e.g. Electricians, Custodians)
d. Human Resources
e. Executive Staff (e.g. CEO)
f. Physical Security Staff

2. IT Staff
a. Server Managers
b. Network Operators
c. Help Desk (i.e. providers of help to non-tech staff)
d. Security Specialists

3. Patients (is there something missing here???)

Workstation Domain
1. Desktop Computers
a. Receptionists for managing patient appointments, etc.
b. Finance staff for managing financing
c. IT Staff for managing network / server components
d. Windows XP SP 3
e. Dell Laptops
f. Active Directory used as roles and privilege manager, all employees who have desktop have username / password

2. Laptop Computers
a. Nurses and Doctors for managing patient data (e.g. prescriptions, notes about visits, etc.)
b. Some IT Staff for managing and configuring network / server components
c. Like desktops, anyone who uses laptops have credentials, Active Directory being used
d. Windows XP SP 3
e. Dell Laptops

3. Host Security
a. Windows Firewall active on all desktops and laptops
b. VIPRE Antivirus installed and active on all desktops and laptops
LAN Domain
1. Switches with VLANs enabled
a. Finance VLAN
b. Doctor / Nurse VLAN
c. IT Staff VLAN

2. Access Points
a. Access points spread across hospital for laptop wireless network connection
b. Wireless network protected by WPA2 key, and also requires user credentials

3. Internal Access Privileges
a. All servers allow access based on user roles (Active Directory)...

Similar Essays